WEBINAR:On-Demand

Related Articles

Wi-Fi hotspot administrators can help protect users from security threats such as discussed in Wi-Fi Hotspot Security: The Issues. Don't forget, offering public wireless access also creates a few security concerns for the admins and providers themselves. However, Wi-Fi hotspots can still be safe and secure for both the users and the businesses or organizations hosting them if the issues are properly addressed.

Follow these recommendations:

Help Secure the Real-time Traffic

Wireless eavesdroppers can easily capture and view the traffic of your Wi-Fi hotspot. Thus, make sure you do what you can to help protect your users:

Make Sure Users can Access VPNsMost wireless routers and hotspot gateways have specific settings that opens up the ports used by VPNs, typically referred to as VPN Pass-through, and can usually be found in the miscellaneous or security section of the router or access point's Web-based configuration utility.

Protect any Public WorkstationsProperly protecting of any public PCs, such as disabling administration rights, helps ensure the security of the users. Special software, such as Public Access Desktop, can help lock down free-to-use workstations on the premises.

Help Prevent Authorized Access of User Devices

When users connect to Wi-Fi hotspots, they connect to a network. As a result, the devices may be able to communicate with each other and hackers may be able to access other mobile devices on the network. Thus, you should enable this feature:

Client IsolationEnabling this type of feature blocks the users connected to the hotspot from communicating with each other via the wireless network. This protects users who havent disabled file sharing (which they may turn on at home or work where it's useful). The client isolation setting is usually found in the advanced wireless section of most wireless routers and hotspot gateways Web-based configuration utility.

Inform Users of the Issues

Some Wi-Fi hotspot users may not understand the risks involved in using these unsecured networks. Try to let them know. In addition to helping the users, this may also be necessary for liability reasons. You could mention statements and tips such as those listed in Wi-Fi Hotspot Security: Solutions for Users on your hotspots splash screen and/or in a terms and conditions statement they must agree to before Internet access is granted.

Keep Your Networks Secured

Its very important that you properly secure any private wired or wireless networks at your location when trying to integrate a Wi-Fi hotspot.

Use VLANs or Multiple SSIDsMost enterprise class access points have the capability of virtual LANs or multiple SSIDs so you can create multiple networks simultaneously over one physical network. Therefore, you could create a separate virtual network, for public users, that is left unprotected.

Use Public/Private Hotspot GatewaysSome hotspot gateways, such as the D-Link DSA-3200, allow you to easily offer public Internet access and have a separate private network sharing a single Internet connection. Typically, these gateways offer separate Ethernet ports for the public and private network interfaces. This makes it very easy to properly secure a private network.

Install a Separate Internet ConnectionIn order to separate your private and public networks there is always the option of installing and using a completely different Internet connection for your public hotspot. In addition, you wont have to compete among the public users for bandwidth. The downside is, you pay twice as much for the access. But it could be worth it.

Follow General Security MethodsWhen users connect to your Wi-Fi hotspot they choose the network out of a list of available networks nearby. Therefore, make sure any private wireless networks you have are secured so your users cant connect or view unencrypted traffic. You can refer to one of my earlier tutorials, Wi-Fi Security Issues Up Close, for more information.

Eric Geier is a computing and wireless networking author and consultant. He is employed with Wireless-Nets, Ltd., a consulting firm focusing on the implementation of wireless mobile solutions and training. He is an author of Geeks on Call - Wireless Networking: 5-Minute Fixes and Geeks on Call - PC's: 5-Minute Fixes published by John Wiley & Sons.

Please enable Javascript in your browser, before you post the comment! Now Javascript is disabled.

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.

Thanks for your registration, follow us on our social networks to keep up-to-date